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This listing of claims will replace all prior versions, and listings, of claims in the 
application: 



Listing of Claims: 



1 . (original) A computer-based method for a multiparty electronic service, the 
method comprising steps of: 

negotiating a machine interpretable service specification between all parties, 
which would cooperate with a particular application running on a host system; 
defining said service specification to: 
identify cooperating parties; 

identify a requestor and format of a service request, said request is adapted to 
contain information about an individual; 

conduct conditional processing steps required for said service request, said 
conditional processing steps is adapted to use stored data about said individual; 
and 

provide conditional notifications, said notifications is adapted to include additional 

information about the individual described in the request; 

providing a secure computation environment in said host system; 

uploading said service specification into said secure computation environment; 

enforcing said service specification with regards to all cooperating parties; 

receiving a service request from said requestor; 
providing a secure co-processor in said secure computation environment for 
processing said service request, where said secure processing includes: 
determining the service specification that governs said service request; 
validating the actual requestor and the content of the service request against an 
expected requestor and expected contents as defined in the service 
specification; and 

executing the conditional processing and the notifications as defined in the 
service specification. 
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2. (original) The method of claim 1 further comprising the step of allowing at least 
one party of said cooperating parties to cancel said service specification wherein 
all future service requests that rely on said cancelled service specification will be 
rejected. 

3. (original) The method of claim 2 wherein said steps of negotiating a machine 
interpretable service specification, uploading, enforcing, receiving a service 
request, and canceling said service specification comprises the step of 
conducting said previous steps multiple times. 

4. (original) The method of claim 1 further comprising the steps of: 
negotiating multiple machine interpretable service specifications; 
defining said multiple service specifications; 

uploading said multiple service specifications into said secure computation 
environment; and 

enforcing said multiple service specifications with regards to all cooperating 
parties. 

5 (original) The method of claim 4 wherein said secure processing steps further 
comprises the step of having at least one of said secure processing steps be.ng 
executed unconditionally- 

6 (original) The method of claim 1 wherein said secure processing steps further 
comprises the step of having at least one of said secure processing steps use 
data provided in said service request and found in said host system to denve 
further information about said individual described in said service request. 

7 (original) The method of claim 6 wherein said at least one of said secure 
processing steps further comprises the step of computing a correlation between 
biometric data provided in said service request and biometric data looked up .n 
said host system. 
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8. (original) The method of claim 1 wherein said step of providing conditional 
notifications further comprises the step of providing an empty message. 

9. (original) The method of claim 1 wherein said step of negotiating a machine 
interpretable service specification between all parties further comprises the step 
of providing a contract for governing the negotiated service specification. 

10. (original) The method of claim 1 wherein said secure processing steps further 
comprises the step of notifying said requestor that said service request was 
processed. 

11. (original) The method of claim 1 wherein said step of enforcing said service 
specification further comprises the step of uploading at least one database from 
at least one party of said cooperating parties, information contained therein from 
said at least one database is stored in said host system. 

12. (original) The method of claim 4 wherein said step of negotiating multiple 
machine interpretable service specifications between any cooperating parties 
further comprises the step of providing a contract for governing each negotiated 
service specification. 

13: (original) The method of claim 1 wherein said step of providing conditional 
notifications further comprises the step of providing a notification that is adapted 
to contain information about said individual. 

1 4. (original) The method of claim 1 3, wherein said step of providing a notification 
that is adapted to contain information about said individual further comprises the 
step of providing said notification to at least one party of said cooperating parties, 
said at least one party of said cooperating parties is a party other than said 
requestor. 

15. (original) The method of claim 14, wherein said step of providing a notification 
to at least one party of said cooperating parties that is adapted to contain 
information about said individual further comprises the step of providing 
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notification to said at least one party of said cooperating parties that is a party 
other than a provider of said stored data. 

16 (original) The method of claim 1 wherein said step of providing conditional 
notifications further comprises the step of providing a notification to at least one 
party of said cooperating parties that is adapted to contain no information about 
said individual. 

17. (original) Apparatus for a multiparty electronic service, the apparatus 
comprising: 

at least one host computer adapted to have at least one secure co-processor 
operating in a secure computation environment, said at least one host computer 
operative to: negotiate a machine interpretable service specification between all 
parties, which would cooperate with a particular application running on said host 
computer; upload said service specification into said secure computation 
environment; enforce said service specification with regards to all cooperating 
parties; receive a service request from a requestor; execute secure processing of 
said service request; and provide notifications as defined in the service 
specification. 

18. (original) The apparatus of claim 17, wherein said at least one host computer 
is further operative to define said service specification to: 
identify said cooperating parties; 

identify said requestor and the format of said service request, said request « 
adapted to contain information about an individual; 

conduct conditional processing steps required for said service request, said 
conditional processing steps is adapted to use stored data about said individual; 
and 

provide conditional notifications, said conditional notifications is adapted to 
include additional information about the individual described in the request. 
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19. (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to execute said secure processing to: 
determine the service specification that governs said service request; 
validate said requestor and the content of the service request against an 
expected requestor and expected contents as defined in the service 

specification; and 

execute conditional processing as defined in the service specification. 

20 (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to provide said notifications as conditional notifications that is 
adapted to include additional information about an individual described in the 
request. 

21 . (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to provide a contract for governing the negotiated service 
specification. 

22 (original) The apparatus of claim 17 wherein said at least one host computer 
operative to negotiate said machine interpretable service specification, upload 
said service specification, enforce said service specification, and receive a 
service request, is further operative to conduct said negotiating, uploading, 
enforcing and receiving functions multiple times. 

23 (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to use data provided in said service request and found in sa.d 
host computer to derive further information about an individual described in said 
service request 
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24 (original) The apparatus of claim 23 wherein said at least one host computer 
is further operative to compute a correlation between biometric data provided in 
said service request and biometric data looked up in said host computer. 

25 (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to compute a correlation between biometric data provided in 
said service request and biometric data looked up in said host computer. 

26. (original) The apparatus of claim 17 wherein said at least one host computer 
operative to provide notifications is further operative to provide an empty 
message. 

27 (original) The apparatus of claim 17 wherein said at least one host computer 
is further operative to upload at least one database from at least one party of sa.d 
cooperating parties, information contained therein from said at least one 
database is adapted to be stored in said host computer. 

28 (original) The apparatus of claim 17 wherein said at least one host computer 
operative to negotiate a machine interpretable service specification between ail 
parties is further operative to: negotiate multiple machine interpretable serv.ce 
specifications; define said multiple service specifications; upload said multiple 
service specifications into said secure computation environment; and 
enforce said multiple service specifications with regards to all cooperating 
parties. 

29 (original) The apparatus of claim 17 wherein said at least one host computer 
operative to provide notifications is further operative to notify said requestor that 
said service request was processed. 
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30 (original) The apparatus of claim 27 wherein said at least one host computer 
operative to provide notifications is further operative to provide conditional 
notifications that is adapted to contain information about an individual. 

31 (original) The apparatus of claim 18 wherein said at least one host computer 
is further operative to provide said conditional notifications to another party of 
said cooperating parties, said another party of said cooperating parties is a party 
other than said requestor. 

32 (original) The method of claim 31 , wherein said at least one host computer 
operative to provide said conditional notifications to said another party of sa.d 
cooperating parties 

is further operative to provide said conditional notifications to a party other than a 
provider of said stored data. 

33. (original) An identification apparatus for matching individuals, the apparatus 
comprising; 

at least one host computer adapted to have at least one secure co-processor 
operating in a secure computation environment, said at least one host computer 
operative to: negotiate a machine intertable contract between all parties, 
which would cooperate with a particular application running on said host 
computer; upload said contract into said secure computation environment; 
enforce said contract with regards to all cooperating parties; receive a serv.ce 
request from a requestor; execute secure processing of said service request; and 
provide notifications as defined in the contract. 

34 (original) An article of manufacture for use in a multiparty electronic service, 
comprising a machine readable medium tangibly embodying a program of 
instructions executable by a machine for implementing a method, the method 
comprising steps of: 
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negotiating a machine intertable service specification between all parties, 
which would cooperate with a particular application running on a host system; 
defining said service specification to: 
identify cooperating parties; 

identify a requestor and format of a service request, said request is adapted to 
contain information about an individual; 

conduct conditional processing steps required for said service request, said 
conditional processing steps is adapted to use stored data about said individual; 

pravide conditional notifications, said notifications is adapted to include additional 

information about the individual described in the request; 

providing a secure computation environment in said host system; 

uploading said service specification into said secure computation environment; 

enforcing said service specification with regards to all cooperating part.es; 

receiving a service request from said requestor; 
providing a secure co-processor in said secure computation environment for 
processing said service request, where said secure processing includes: 
determining the service specification that governs said service request; 
validating the actual requestor and the content of the service request against an 
expected requestor and expected contents as defined in the serv.ce 
specification; and 

executing the conditional processing and the notifications as defined in the 
service specification. 

35 (original) A program storage device readable by a machine, tangibly 
embodying a program of instructions executable by the machine to perform 
methods steps for managing a matching identification service, the method 
comprising the steps of: 

negotiating a machine interpretable service specification between all part.es, 
which would cooperate with a particular application running on a host system; 
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defining said service specification to: 
identify cooperating parties; 

identify a requestor and format of a service request, said request is adapted to 
contain information about an individual; 

conduct conditional processing steps required for said service request, said 
conditional processing steps is adapted to use stored data about said ind-vidual; 

provide conditional notifications, said notifications is adapted to include additional 

information about the individual described in the request; 

providing a secure computation environment in said host system; 

uploading said service specification into said secure computation environment; 

enforcing said service specification with regards to all cooperating parties; 

receiving a service request from said requestor; 
providing a secure co-processor in said secure computation environment for 
processing said service request, where said secure processing includes: 
determining the service specification that governs said service request; 
validating the actual requestor and the content of the service request aga.nst an 
expected requestor and expected contents as defined in the service 
specification; and 

executing the conditional processing and the notifications as defined in the 
service specification. 

36. (Previously presented) A multiparty electronic service method comprising the 
steps of: 

providing at least one host computer adapted to have at least one secure co- 
processor operating in a secure computation environment; 
operating said at least one host computer to negotiate a machine intertable 
service specification between all parties, which would cooperate with a part(cuiar 
application running on said host computer; 

uploading said service specification into said secure computation environment; 
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enforcing said service specification with regards to all cooperating parties; 

receiving a service request from a requestor; 

executing secure processing of said service request; and 

providing notifications as defined in the sen/ice specification. 

37. (Previously presented) An identification method for matching individuals, the 
method comprising the steps of: 

providing at least one host computer adapted to have at least one secure co- 
processor operating in a secure computation environment; 
operating said at least one host computer to negotiate a machine interpretable 
contract between all parties, which would cooperate with a particular application 
running on said host computer; 

uploading said contract into said secure computation environment; 
enforcing said contract with regards to all cooperating parties; 
receiving a service request from a requestor; 
executing secure processing of said service request; and 
providing notifications as defined in the contract. 

38 (Previously presented) An article of manufacture for use in a multiparty 
electronic service, comprising a machine readable medium tangibly embodying a 
program of instructions executable by a machine for implementing a method, the 
method comprising steps of: 

providing at least one host computer adapted to have at least one secure co- 
processor operating in a secure computation environment; 
operating said at least one host computer to negotiate a machine interpretable 
service specification between all parties, which would cooperate with a particular 
application running on said host computer; 

uploading said service specification into said secure computation environment; 
enforcing said service specification with regards to all cooperating parties; 
receiving a service request from a requestor; 
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executing secure processing of said service request; and 
providing notifications as defined in the service specification. 

39 (Previously presented) A program storage device readable by a machine, 
tangibly embodying a program of instructions executable by the mach.ne to 
perform methods steps for managing a matching identification service, the 
method comprising the steps of: 

providing at least one host computer adapted to have at least one secure co- 
processor operating in a secure computation environment; 
operating said at least one host computer to negotiate a machine interpretabie 
service specification between all parties, which would cooperate with a part.cutar 
application running on said host computer; 

uploading said service specification into said secure computation environment; 
enforcing said service specification with regards to all cooperating parties; 
receiving a service request from a requestor; 
executing secure processing of said service request; and 
providing notifications as defined in the service specification. 

40 (Previously presented) An article of manufacture for use in matching 
individuals, comprising a machine readable medium tangibly embodying a 
program of instructions executable by a machine for implementing a method, the 
method comprising steps of: 

providing at least one host computer adapted to have at least one secure co- 
processor operating in a secure computation environment; 
operating said at least one host computer to negotiate a machine interpretabie 
contract between all parties, which would cooperate with a particular applicabon 
running on said host computer; 

uploading said contract into said secure computation environment; 
enforcing said contract with regards to all cooperating parties; 
receiving a service request from a requestor; 
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executing secure processing of said service request; and 
providing notifications as defined in the contract. 

41. (Previously presented) A program storage device readable by a machine, 
tangibly embodying a program of instructions executable by the machine to 
perform methods steps for managing a matching identification service, the 
method comprising the steps of: providing at least one host computer adapted to 
have at least one secure co-processor operating in a secure computation 
environment; 

operating said at least one host computer to negotiate a machine intertable 
contract between all parties, which would cooperate with a particular application 
running on said host computer; 

uploading said contract into said secure computation environment; 
enforcing said contract with regards to all cooperating parties; 
receiving a service request from a requestor; 
executing secure processing of said service request, and 
providing notifications as defined in the contract. 

42. (New) A computer-based method for a multiparty electronic service, the 

method comprising steps of: 

implementing on a computer system at least one contract for governing a 
service between a service provider, a client and at least one other party; 

receiving at said service provider a first request from a client; 

sending from said service provider a data request to one of at least one 
other party; 

receiving, at said service provider from said one of at least one other 
party a data response in a secure computation environment; 

' determining, in accordance with said contract, whether a match exists 
between said first request and said data response; 
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if a match results from said determining step, providing a notification of 
said match to said at least one other party. 

43 (New) The method of claim 42 further comprises the step of providing said 
notification even if there is no match as determined in said determining step. 

44. (New) The method of claim 43, wherein said step of providing said 
notification comprises the step of providing a dummy message to said at least 
one other party. 

45. (New) The method of claim 42 further comprises the step of notifying said 
client that said first request was processed. 

46 (New) The method of claim 42 wherein the implementing the at least one 
contract step comprises the step of assigning a contract ID for any contract that 
governs a service between the service provider, the client and the at least one 
other party. 

47 (New) The method of claim 42 further comprises the step of executing the 
previous steps in a contract engine within the secure computation environment 

48. (New) The method of claim 47 further comprises the step of providing a 
plurality of contract engines coupled to a communication network. 

49. (New) The method of claim 42 wherein the determining step comprises the 
step of performing the determination in a crypto-coprocessor. 

50. (New) A computer-based method for a multiparty electronic service, the 
method comprising steps of: 
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implementing on a computer system at least one contract for governing a 
service between a service provider, a client and at least one other party; 

determining, in accordance with said contract, whether a match exists 
between a first request from said client and a data response from one of at least 
one other party; 

if a match results from said determining step, providing a notrfication of 
said match to said at least one other party. 

51 . (New) The method of claim 50 further comprises the step of providing said 
notification even if there is no match as determined in said determining step. 

52. (New) The method of claim 51 . wherein said step of providing said 
notification comprises the step of providing a dummy message to said at least 
one other party. 

53. (New) The method of claim 50 further comprises the step of notifying said 
client that said first request was processed. 

54 (New) The method of claim 50 wherein the implementing the at least one 
contract step comprises the step of assigning a contract ID for any contract that 
governs a service between the service provider, the client and the at least one 
other party. 

55. (New) A computer-based method for managing a matching identification 
service, the method comprising the steps of: 

implementing on a computer system at least one contract having a 
contract ID for governing said matching identification service between a serv.ce 
provider, a client and at least one other party determining, in accordance wrth 
said contract ID, whether a match exists between a first request from sa.d cl.ent 
and a data response from one of at least one other party; 
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if a match results from said determining step, providing a notification of 
said match to said at least one other party. 

56. (New) The method of claim 55 further comprises the step of providing 
notification even if there is no match as determined in said determining step. 

57 (New) The method of claim 56, wherein said step of providing said 
notification comprises the step of providing a dummy message to said at least 
one other party. 

58. (New) The method of claim 55 further comprises the step of notifying said 
client that said first request was processed. 

59. (New) Apparatus for a multiparty electronic service, the apparatus 
comprising: 

at least one host computer operative to: maintain and enforce at least one 
contract for governing a service between a service provider, a client and at least 
one other party; and to determine, in accordance with said at least one contract, 
whether a match exists between a first request from said client and a data 
response from one of at least one other party; 

said at least one host computer is further operative to provide a 
notification to said at least one other party if a match results from said 
determination. 

60 (New) The apparatus of claim 59. wherein said at least one host computer is 
further operative to provide said notification to said at .east one other party rf no 
match results from said determination. 

61 (New) The apparatus of claim 60, wherein said at least one host computer is 
further operative to provide a dummy message to said at least one other party. 
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62 (New) The apparatus of claim 59, wherein said at least one host computer is 
further operative to provide a notification to said client that said first request was 
processed. 

63. (New) The apparatus of claim 59, wherein said at least one host computer 
comprises: 

a secure computation environment for processing sensitive data; 

a network handler for sending and receiving messages to and from said 
secure computation environment and a network; and 

a storage handler to process database requests that come from inside 
said secure computation environment and retrieves information from a secured 
database containing said contracts and private information data. 

64 (New) The apparatus of claim 59, wherein said at least one host computer is 
further operative to provide a contract ID for any contract that governs a service 
between the service provider, the client and the at least one other party. 

65. (New) Apparatus for a matching identification service, the apparatus 
comprising: 

at least one host computer operative to: maintain and enforce at least one 
contract having a contract ID for governing a service between a service provider, 
a client and at least one other party; and to determine, in accordance with sa.d at 
least one contract, whether a match exists between a first request from said 
client and a data response from one of at least one other party, 
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said at least one host computer is further operative to provide a 
notification to said at least one other party if a match results from said 
determination, 

66. (New) The apparatus of claim 65, wherein said at least one host computer 
comprises: 

a secure computation environment for processing sensitive data; 

a network handler for sending and receiving messages to and from said 
secure computation environment and a network; and 

a storage handler to process database requests that come from inside 
said secure computation environment and retrieves information from a secured 
database containing said contracts and private information data. 

67 (New) The apparatus of claim 66, wherein said secure computation 
environment comprises a contract engine operative to: handle said first request, 
conduct a matching task, and provide a respond serving as said notification. 

68 (New) The apparatus of claim 65, wherein said at least one host computer is 
further operative to provide said notification to said at least one other party .f no 
match results from said determination. 
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